Commit ebd4fd02 authored by Ryusuke Konishi, committed by Kaixiong Yu

nilfs2: fix kernel bug due to missing clearing of buffer delay flag

stable inclusion
from stable-v5.15.170
commit 822203f6355f4b322d21e7115419f6b98284be25
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB2BWP
CVE: CVE-2024-50116

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=822203f6355f4b322d21e7115419f6b98284be25

--------------------------------

commit 6ed469df0bfbef3e4b44fca954a781919db9f7ab upstream.

Syzbot reported that after nilfs2 reads a corrupted file system image
and degrades to read-only, the BUG_ON check for the buffer delay flag
in submit_bh_wbc() may fail, causing a kernel bug.

This is because the buffer delay flag is not cleared when clearing the
buffer state flags to discard a page/folio or a buffer head. So, fix
this.

This became necessary when the use of nilfs2's own page clear routine
was expanded.  This state inconsistency does not occur if the buffer
is written normally by log writing.

Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
Link: https://lore.kernel.org/r/20241015213300.7114-1-konishi.ryusuke@gmail.com
Fixes: 8c26c4e2 ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption")
Reported-by: syzbot+985ada84bf055a575c07@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=985ada84bf055a575c07
Cc: stable@vger.kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kaixiong Yu <yukaixiong@huawei.com>
parent 929a9df3
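To make the failure mode concrete, here is an added C model of the clearing masks before and after this patch. It is not nilfs2 or kernel code: the enum bit positions, the MUST_CLEAR_ON_DISCARD set and the submit_check_would_fail() stand-in are assumptions made for the example, while set_mask_bits() reproduces the clear-then-set contract of the kernel helper the hunks call. It shows that the pre-patch mask leaves BH_Delay set on a discarded buffer, which is the state the submit-time BUG_ON described in the commit message rejects, and includes the mask-completeness check a reviewer would want to run against any future edit of clear_bits.

```c
#include <stdbool.h>
#include <stdio.h>

/*
 * Added illustration, not nilfs2 or kernel code. Models the b_state word of
 * a buffer_head and the two clear_bits masks (before/after the fix). Bit
 * positions are assumptions for the example; the real BH_* numbering lives
 * in <linux/buffer_head.h>.
 */
enum bh_state_bits {
	BH_Uptodate,
	BH_Dirty,
	BH_Mapped,
	BH_Async_Write,
	BH_Delay,
	BH_NILFS_Volatile,
	BH_NILFS_Checked,
	BH_NILFS_Redirected,
};

#define BIT(n) (1UL << (n))

struct buffer_head {
	unsigned long b_state;
};

/* Same contract as the kernel helper: clear every bit in mask, then set bits. */
static void set_mask_bits(unsigned long *p, unsigned long mask, unsigned long bits)
{
	*p = (*p & ~mask) | bits;
}

/* Mask as it was before the patch: BH_Delay is missing. */
#define CLEAR_BITS_BEFORE \
	(BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) | \
	 BIT(BH_Async_Write) | BIT(BH_NILFS_Volatile) | \
	 BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected))

/* Mask as patched: BH_Delay added. */
#define CLEAR_BITS_AFTER (CLEAR_BITS_BEFORE | BIT(BH_Delay))

/*
 * Assumed set of flags a discard must drop so the buffer can later be
 * submitted safely. BH_Delay belongs here because the I/O path asserts it is
 * clear (the BUG_ON in submit_bh_wbc() named in the commit message).
 */
#define MUST_CLEAR_ON_DISCARD (BIT(BH_Dirty) | BIT(BH_Mapped) | BIT(BH_Delay))

static bool buffer_delay(const struct buffer_head *bh)
{
	return bh->b_state & BIT(BH_Delay);
}

/* Stand-in for the submit-time sanity check: true when the buffer would trip it. */
static bool submit_check_would_fail(const struct buffer_head *bh)
{
	return buffer_delay(bh);
}

/*
 * Discard a buffer the way nilfs_forget_buffer()/nilfs_clear_dirty_page() do,
 * then report whether the leftover state would fail the submit-time check.
 */
static bool discard_leaves_inconsistent_state(unsigned long clear_bits)
{
	/* Constructed input: a dirty, mapped buffer that was delay-allocated. */
	struct buffer_head bh = {
		.b_state = BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) | BIT(BH_Delay),
	};

	set_mask_bits(&bh.b_state, clear_bits, 0);
	return submit_check_would_fail(&bh);
}

/* Reviewer check for any new clearing mask: every required flag must be covered. */
static bool clear_mask_is_complete(unsigned long clear_bits)
{
	return (MUST_CLEAR_ON_DISCARD & ~clear_bits) == 0;
}

int main(void)
{
	printf("before fix: inconsistent=%d complete=%d\n",
	       discard_leaves_inconsistent_state(CLEAR_BITS_BEFORE),
	       clear_mask_is_complete(CLEAR_BITS_BEFORE));
	printf("after fix:  inconsistent=%d complete=%d\n",
	       discard_leaves_inconsistent_state(CLEAR_BITS_AFTER),
	       clear_mask_is_complete(CLEAR_BITS_AFTER));
	return 0;
}
```

The completeness check is the part worth keeping around: a mask built by hand in two places, as on this page, is exactly the kind of list that silently falls out of step when a new flag is introduced elsewhere.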
+4 −2
@@ -77,7 +77,8 @@ void nilfs_forget_buffer(struct buffer_head *bh)
	const unsigned long clear_bits =
		(BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) |
		 BIT(BH_Async_Write) | BIT(BH_NILFS_Volatile) |
		 BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected));
		 BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected) |
		 BIT(BH_Delay));

	lock_buffer(bh);
	set_mask_bits(&bh->b_state, clear_bits, 0);
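Review bot: the clear_bits mask in nilfs_forget_buffer() is now, bit for bit, the same list as the one in nilfs_clear_dirty_page() in the next hunk, and this bug exists precisely because a flag that one clearing path needed to drop was absent from the other hand-maintained copy; consider hoisting the mask into a single shared constant so the two discard routines cannot drift apart again. The change itself is sound as written: BIT(BH_Delay) joins the other bits cleared under lock_buffer() by the same set_mask_bits(&bh->b_state, clear_bits, 0) call, so a buffer discarded here can no longer reach the buffer_delay() BUG_ON in submit_bh_wbc() referenced in the commit message.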
@@ -410,7 +411,8 @@ void nilfs_clear_dirty_page(struct page *page, bool silent)
		const unsigned long clear_bits =
			(BIT(BH_Uptodate) | BIT(BH_Dirty) | BIT(BH_Mapped) |
			 BIT(BH_Async_Write) | BIT(BH_NILFS_Volatile) |
			 BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected));
			 BIT(BH_NILFS_Checked) | BIT(BH_NILFS_Redirected) |
			 BIT(BH_Delay));

		bh = head = page_buffers(page);
		do {
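Review bot: a one-line comment above clear_bits explaining why BH_Delay must be part of the set (the submit path BUG_ONs on a delay-flagged buffer) would help, since that reasoning currently lives only in the commit message and the next person adding a BH_NILFS_* flag will not see it. The mask duplicates the one in nilfs_forget_buffer() verbatim, so the same suggestion applies here: share it rather than maintaining two copies. Behaviourally the hunk is correct: the mask is applied to every buffer in the do/while over page_buffers(page), so a delay-allocated buffer loses BH_Delay together with BH_Mapped, which is the consistent end state for a discarded buffer.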